The Swiss Financial Market Supervisory Authority FINMA is consolidating its corporate governance, internal control system and risk management supervisory requirements for the banking sector. This consolidation will take the form of a single circular incorporating findings from the financial market crisis and revised international standards. The consultation on this revision runs until 13 April 2016.
FINMA is revising its corporate governance requirements for banks by consolidating into a single circular the fully revised provisions of Circular 2008/24 “Supervision and internal control – banks” and the associated FAQs, plus the requirements set out in other circulars. The approach is principles-based and detailed descriptions have been eliminated. Furthermore, smaller institutions have been released from some of the provisions. FINMA will submit the new Circular 2016/X “Corporate governance – banks” together with the amendments to Circulars 2008/21 “Operational risks – banks” and 2010/1 “Remuneration schemes” for consultation until 13 April 2016.
More stringent rules for governing bodies and risk management
The “Corporate governance – banks” circular outlines the principles for corporate governance, the internal control system and risk management. Its provisions reflect findings from the financial market crisis and the revised international standards. Principles and structures for supreme governing bodies and executive boards have either been introduced or taken over from existing FAQs, as have the specific risk management requirements. For example, the supreme governing bodies of larger banks (supervisory categories 1 to 3) will be obliged to appoint an audit committee and risk committee and create the role of an independent chief risk officer. All banks will have to adhere to certain corporate governance disclosure requirements. Larger banks have extended disclosure obligations similar to the corporate governance guidelines for the Swiss exchange.
Wider range of operational risks
Supervisory practice has shown that operational risks in banking have become more diverse. As a result, Circular 2008/21 “Operational risks – banks” is to be updated and the corporate governance provisions removed. The risk management principle on technological infrastructure now specifically includes IT and cyber risks. A new principle on risks in cross-border services is also being added.
Binding provisions on remuneration systems restricted to large institutions
In principle, the provisions of Circular 2010/1 “Remuneration schemes” are now to apply only for institutions with complex remuneration systems and materially relevant compensation levels. The threshold for mandatory implementation of this circular is being amended accordingly and is now restricted to the two big banks and the largest insurance groups. However, FINMA may also oblige other banks to implement some or all of the provisions outlined in the circular where there are grounds for doing so.
The FINMA statement and related information can be found here.